Each operating system can be a serious risk if one decides to use it as a
perimeter device. There is always something new to tune, harden, disable,
enhance on any given operating system. Prior to installing a security
application on top of the residing operating system. Ask someone else
within your group to cross-check your work..
Disable everything, then only turn on what you may need.. :)
/m
Ron DuFresne <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
04/22/00 11:00 AM
To: Jochen Kaiser <[EMAIL PROTECTED]>
cc: [EMAIL PROTECTED], [EMAIL PROTECTED], firewall list
<[EMAIL PROTECTED]>
Subject: Re: Which would you choose?
On Sat, 22 Apr 2000, Jochen Kaiser wrote:
> oh my god. this will become a monsterthread :)
that it will...
[SNIP]
>
> >
> > Is Linux and ipchains/squid/TIS FWTK/etc a security risk?
>
> A linux out of the box always is. If you spend time and patch and check
> configurations and use it as a standalone computer for firewalling and
> squid with no other user shell access, it may be usable.
>
As is solars, sgi, hp, you name em, all but perhaps openbsd and even a few
particular distributions of linux designed to be secure 'out of the box'.
The key point here is knowing yer OS and knowing in particular -=how to
lock it down=- It's been said here many times over, if you know an OS
better then others, use that, even if yer talking linux, which can be well
suited to certain situations.
Thanks,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
